Be aware of Phishing!

Phishing is a fraudulent practice used by scammers and hackers who pretend to be trustworthy entities to get access to your personal and confidential information, such as usernames, passwords, and credit card details, to steal goods and services. The ‘Phishers’ will contact a person through a telephone call, SMS, or email and introduce themselves as an employee or a part of a business organization with whom their target victim has been interacting, like a bank or credit card company, utility companies, service providers, insurance, etc. They then ask the user to share details of their accounts on some pretext. Based on the information shared, the phishers can use your accounts or duplicate ATM/credit cards and perform transactions from that duplicate card.

In other cases, the phishers will create dummy sites for a well-known financial institution that claims to be the original company. Even the fake site URL would look similar to the original site’s. The process continues once someone provides their personal information on the fake site. To avoid phishing, you should never respond to any electronic communication, such as any popup emails, SMS, or phone call, no matter how legitimate it looks or sounds like if they seek personal information such as username, ESPECIALLY passwords, One Time Pin (OTP), any bank account information such as CC number, bank statements, credit/debit details, etc.

You must also ensure that the sites where you perform online transactions and banking are protected under secure protocols and that we only make transactions through licensed/recognized websites. If done correctly, phishers cannot steal the encrypted data from these sites.

Examples of Phishing Messages

These are sample messages you would receive through SMS or Email that are likely to be phishing… “We suspect an unauthorized transaction on your account. To ensure your account is not compromised, please click the link below and confirm your identity.”

“Our records indicate that your account was overcharged. You must call us within 7 days to receive your refund.”

“During our regular verification of accounts, we couldn’t verify your information. Please click here to update and verify your information.”

“Congratulations! You’ve been chosen as our Winner. To claim your price, click the link and complete the form.”

These are just examples, but the context used for these messages is the same- They ask for your Personal Information.

How to avoid Phishing attempts?

If you receive an email, SMS,/Text message that asks for your personal information (Social Security Numbers, Passwords, Account numbers, etc.) Disregard and best to delete them as legitimate companies will never ask for this information via email, or text.

Do not call any phone number but the one on your statements or credit cards. 

If you are concerned about your account, it’s best to reach out directly to organizations you do business with; try to call the hotline on your financial statements or even the number on the back of the active credit card you’re using.  Do not call any number in the text message or email. 

Do not click links provided through email and SMS, as these will lead you to spoofed sites. Open a new browser and go directly to the website instead. Even area codes can mislead as well. Some phishers may ask you to call a specific phone number to update your personal account or even process a refund. However, a local area code doesn’t guarantee that the caller is indeed local. Do not respond to any messages or emails that look suspicious. 

If you’re concerned about your accounts, go to the website and check that they are in good standing. If you suspect that you receive phishing content through any of your platforms, please delete and block them permanently. Most email providers and phone carriers have a way to report phishing messages, so it’s also a good idea to always report them before deleting them. 

Do not overshare personal information on the internet, significantly, as it can affect your safety.

Do not share passwords to your accounts with anyone you don’t know or trust with your life because you trust them with your identity. Identity Theft is hard to deal with and can be devastating financially and emotionally.

If you receive a random One Time Pin (OTP) for your organization, seek help and report it to the organization authorities.

The Internet is a fantastic way to do business; hopefully, these tips can help you do so safely.